One type of scan is known as a Full Open Scan, which is just a fancy way of saying that the two systems involved in the scan both initiate and complete the TCP three-way handshake. One advantage of this kind of a scan is that you have positive feedback that the target host is up and the connection is complete. When the connection is no longer required, the initating party will change the three-way handshake, and the last step will be a message with the ACK and the RST flags set, which will tear down the connection. Note that some if not most tools will do the four-way termination procedure, making the connection look legal to the targeted host.